<?php
require_once("../include/global.php");
@header('Content-type: text/html;charset=UTF-8');
?>
<?php

if ($_POST["Submit"]) {
    $username = $_POST["username"];
    $pwd = md5($_POST["pwd"]);
    $code = $_POST["code"];
    if ($code != $_SESSION["auth"]) {
        echo "<script language=javascript>alert('验证码不正确！');window.location='login.php'</script>";
        ?>
		<?php
        die();
    }
    $conn = new mysqli($GLOBALS['mydbhost'], $GLOBALS['mydbuser'], $GLOBALS['mydbpw'],$GLOBALS['mydbname']);
    $stmt = $conn->prepare("select * from admin where username=? and password=?");
    $stmt->bind_param("ss", $username, $pwd);
    $stmt->execute();
    $result = $stmt->get_result();
    if ($rows = $result->fetch_assoc()) {
        $_SESSION["userId"] = $rows["userId"];
        $_SESSION["flag"] = $rows["flag"];
        $_SESSION["companyname"] = $rows["companyname"];
        $_SESSION["pwd"] = $pwd;
        $_SESSION["username"] = $username;
        $_SESSION["admin"] = session_id();
        echo "<script language=javascript>alert('登陆成功！');window.location.href='admin_index.php'</script>";
    } 
    else {
        echo "<script language=javascript>alert('用户名或密码错误！');window.location.href='login.php'</script>";
        ?>
		<?php
        die();
    }
}
?>
<?php

if ($_GET['tj'] == 'out') {
//     session_destroy();
    unset($_SESSION["admin"]);
    echo "<script language=javascript>alert('退出成功！');window.location.href='login.php'</script>";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>登录</title>
<link href="login.css" type="text/css" rel="stylesheet" rev="stylesheet" />
<script src="../front/js/jquery.min.js"></script>
<script>
	function check(){
		var userName = $("input[name=username]");
		var userPwd = $("input[name=pwd]");
		var validate = $("input[name=code]");
		if($.trim(userName.val()).length<=0){alert("用户名不允许为空");userName.focus();return false;}
		if($.trim(userPwd.val()).length<=0){alert("密码不允许为空");userPwd.focus();return false;}
		if($.trim(validate.val()).length<=0){alert("验证码不允许为空");validate.focus();return false;}
	}
</script>
</head>
<body class="denglu02">
	<div class="dl">
		<div class="biaoti"></div>
		<div class="log">
			<ul class="xuzhi02">
				<li class="xz">后台管理系统</li>
				<li>1.站点信息维护</li>
				<li>2.代买/代卖商品信息维护</li>
			</ul>
			<ul class="deng02">
				<form id="frm" name="frm" method="post" action="">
					<li style="width: 100%; height: 60px;">
						<p
							style="float: left; font-size: 18px; color: #666; line-height: 30px;">用户名:</p>
						<input id="username" name="username" class="i-text" type="text" />
					</li>
					<div style="clear: both;"></div>

					<li style="width: 100%; height: 60px;">
						<p
							style="float: left; font-size: 18px; color: #666; line-height: 30px;">密&nbsp;&nbsp;&nbsp;码:</p>
						<input id="pwd" class="i-text" type="password" name="pwd" />
					</li>
					<div style="clear: both;"></div>
					<li style="width: 100%; height: 60px;">
						<p
							style="float: left; font-size: 18px; color: #666; line-height: 30px;">验证码:</p>
						<input id="code" name="code" class="i-text" style="width: 170px;"
						type="text" /> <img id="verify" title="点击换验证码"
						onclick="this.src='verify.php?'+Math.random();" src="verify.php"
						style="vertical-align: middle; border: 0px; height: 37px;" />
					</li>
					<li style="width: 100%; height: 60px;"><input name="Submit"
						class="btn-login02" type="submit" onclick="return check()"
						value="登录" /> <input class="btn-login02" type="reset" value="重置" />
					</li>
				</form>
			</ul>

		</div>
	</div>
</body>
</html>
